You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: includes/policy/reference/byrp/microsoft.insights.md
+7-1Lines changed: 7 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,7 +2,7 @@
2
2
author: davidsmatlak
3
3
ms.service: azure-policy
4
4
ms.topic: include
5
-
ms.date: 08/25/2023
5
+
ms.date: 08/30/2023
6
6
ms.author: davidsmatlak
7
7
ms.custom: generated
8
8
---
@@ -15,12 +15,18 @@ ms.custom: generated
15
15
|[\[Preview\]: Configure Association to link Arc machines to user-defined Microsoft Defender for Cloud Data Collection Rule](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fc9ae938d-3d6f-4466-b7c3-351761d9c890)|Configure Arc machines to automatically create an association with the user-defined data collection rule for Microsoft Defender for Cloud. Deleting this association will break the detection of security vulnerabilities for this Arc machine. Target Arc machines must be in a supported location. |DeployIfNotExists, Disabled |[2.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/ASC_AMA_UserWorkspacePipeline_DCRA_Arc_Deploy.json)|
16
16
|[\[Preview\]: Configure Association to link virtual machines to default Microsoft Defender for Cloud Data Collection Rule](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fa2ea54a3-9707-45e3-8230-bbda8309d17e)|Configure machines to automatically create an association with the default data collection rule for Microsoft Defender for Cloud. Deleting this association will break the detection of security vulnerabilities for this virtual machine. Target virtual machines must be in a supported location. |DeployIfNotExists, Disabled |[3.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/ASC_AMA_DefaultPipeline_DCRA_Deploy.json)|
17
17
|[\[Preview\]: Configure Association to link virtual machines to user-defined Microsoft Defender for Cloud Data Collection Rule](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F9c0aa188-e5fe-4569-8f74-b6e155624d9a)|Configure machines to automatically create an association with the user-defined data collection rule for Microsoft Defender for Cloud. Deleting this association will break the detection of security vulnerabilities for this virtual machine. Target virtual machines must be in a supported location. |DeployIfNotExists, Disabled |[2.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/ASC_AMA_UserWorkspacePipeline_DCRA_Deploy.json)|
18
+
|[\[Preview\]: Configure Association to link Windows Arc machines to default Microsoft Defender for SQL Data Collection Rule](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fcbdd12e1-193a-445c-9926-560118c6daaa)|Configure Windows Arc machines to automatically create an association with the default data collection rule for Microsoft Defender for SQL. Deleting this association will break the detection of security vulnerabilities for this Arc machine. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_DefaultPipeline_DCRA_Arc.json)|
19
+
|[\[Preview\]: Configure Association to link Windows Arc machines to user-defined Microsoft Defender for SQL Data Collection Rule](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F2227e1f1-23dd-4c3a-85a9-7024a401d8b2)|Configure Windows Arc machines to automatically create an association with the user-defined data collection rule for Microsoft Defender for SQL. Deleting this association will break the detection of security vulnerabilities for this Arc machine. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_UserWorkspacePipeline_DCRA_Arc.json)|
18
20
|[\[Preview\]: Configure Linux Arc-enabled machines to be associated with a Data Collection Rule for ChangeTracking and Inventory](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F09a1f130-7697-42bc-8d84-8a9ea17e5192)|Deploy Association to link Linux Arc-enabled machines to specified Data Collection Rule to enable ChangeTracking and Inventory. The list of locations are updated over time as support is increased. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/ChangeTrackingAndInventory/DCRA_Linux_HybridVM_DINE.json)|
19
21
|[\[Preview\]: Configure Linux Virtual Machines to be associated with a Data Collection Rule for ChangeTracking and Inventory](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fbef2d677-e829-492d-9a3d-f5a20fda818f)|Deploy Association to link Linux virtual machines to the specified Data Collection Rule to enable ChangeTracking and Inventory. The list of locations and OS images are updated over time as support is increased. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/ChangeTrackingAndInventory/ChangeTrackingAndInventory_DCRA_Linux_VM_DeployIfNotExists.json)|
20
22
|[\[Preview\]: Configure Linux VMSS to be associated with a Data Collection Rule for ChangeTracking and Inventory](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F1142b015-2bd7-41e0-8645-a531afe09a1e)|Deploy Association to link Linux virtual machine scale sets to the specified Data Collection Rule to enable ChangeTracking and Inventory. The list of locations and OS images are updated over time as support is increased. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/ChangeTrackingAndInventory/DCRA_Linux_VMSS_DINE.json)|
21
23
|[\[Preview\]: Configure machines to create the Microsoft Defender for Cloud user-defined pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fc15c5978-ab6e-4599-a1c3-90a7918f5371)|Configure machines to create the Microsoft Defender for Cloud user-defined pipeline using Azure Monitor Agent. Microsoft Defender for Cloud collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Use the user-provided Log Analytics workspace to store audit records. Creates a resource group and a Data Collection Rule in the same region as the user-provided Log Analytics workspace. Target virtual machines must be in a supported location. |DeployIfNotExists, Disabled |[1.2.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/ASC_AMA_UserWorkspacePipeline_Deploy.json)|
22
24
|[\[Preview\]: Configure virtual machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F8b5ad9ab-3d44-4a6e-9ac3-75b04ea5fd28)|Configure virtual machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent. Microsoft Defender for Cloud collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group, a Data Collection Rule and Log Analytics workspace in the same region as the machine to store audit records. Target virtual machines must be in a supported location. |DeployIfNotExists, Disabled |[5.2.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/ASC_AMA_DefaultPipeline_Deploy.json)|
25
+
|[\[Preview\]: Configure Windows Arc machines to create the default Microsoft Defender for SQL pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fda0fd392-9669-4ad4-b32c-ca46aaa6c21f)|Configure Windows Arc machines to create the default Microsoft Defender for SQL pipeline using Azure Monitor Agent. Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group, a Data Collection Rule and Log Analytics workspace in the same region as the machine to store audit records. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_DefaultPipeline_Arc.json)|
26
+
|[\[Preview\]: Configure Windows Arc machines to create the Microsoft Defender for SQL user-defined pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F63d03cbd-47fd-4ee1-8a1c-9ddf07303de0)|Configure Windows Arc machines to create the Microsoft Defender for SQL user-defined pipeline using Azure Monitor Agent. Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Use the user-provided Log Analytics workspace to store audit records. Create a resource group and a Data Collection Rule in the same region as the user-provided Log Analytics workspace. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_UserWorkspacePipeline_Arc.json)|
23
27
|[\[Preview\]: Configure Windows Arc-enabled machines to be associated with a Data Collection Rule for ChangeTracking and Inventory](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fef9fe2ce-a588-4edd-829c-6247069dcfdb)|Deploy Association to link Windows Arc-enabled machines to specified Data Collection Rule to enable ChangeTracking and Inventory. The list of locations are updated over time as support is increased. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/ChangeTrackingAndInventory/DCRA_Windows_HybridVM_DINE.json)|
28
+
|[\[Preview\]: Configure Windows SQL machines to create the Microsoft Defender for SQL user-defined pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F04754ef9-9ae3-4477-bf17-86ef50026304)|Configure Windows SQL machines to create the Microsoft Defender for SQL user-defined pipeline using Azure Monitor Agent. Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Use the user-provided Log Analytics workspace to store audit records. Create a resource group and a Data Collection Rule in the same region as the user-provided Log Analytics workspace. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_UserWorkspacePipeline_VM.json)|
29
+
|[\[Preview\]: Configure Windows SQL virtual machines to create the default Microsoft Defender for SQL pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fc859b78a-a128-4376-a838-e97ce6625d16)|Configure Windows SQL virtual machines to create the default Microsoft Defender for SQL pipeline using Azure Monitor Agent. Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group, a Data Collection Rule and Log Analytics workspace in the same region as the machine to store audit records. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_DefaultPipeline_VM.json)|
24
30
|[\[Preview\]: Configure Windows Virtual Machines to be associated with a Data Collection Rule for ChangeTracking and Inventory](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fb6faa975-0add-4f35-8d1c-70bba45c4424)|Deploy Association to link Windows virtual machines to specified Data Collection Rule to enable ChangeTracking and Inventory. The list of locations and OS images are updated over time as support is increased. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/ChangeTrackingAndInventory/DCRA_Windows_VM_DINE.json)|
25
31
|[\[Preview\]: Configure Windows VMSS to be associated with a Data Collection Rule for ChangeTracking and Inventory](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F8fd85785-1547-4a4a-bf90-d5483c9571c5)|Deploy Association to link Windows virtual machine scale sets to specified Data Collection Rule to enable ChangeTracking and Inventory. The list of locations and OS images are updated over time as support is increased. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/ChangeTrackingAndInventory/DCRA_Windows_VMSS_DINE.json)|
26
32
|[Activity log should be retained for at least one year](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fb02aacc0-b073-424e-8298-42b22829ee0a)|This policy audits the activity log if the retention is not set for 365 days or forever (retention days set to 0). |AuditIfNotExists, Disabled |[1.0.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/ActivityLogRetention_365orGreater.json)|
0 commit comments